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What is claimed is: 

1 . A method for processing calls to a directory, comprising: 
receiving a call to a directory; 

evaluating the call according to one or more rules governing data that may be 
included in the directory; and 

processing the call based upon the evaluation of the call according to the one or more 
previously determined rules. 

2. The method for processing calls recited in claim 1, wherein the step of evaluating 
the call includes determining if the call includes a request to add data to the directory, a 
request to modify data in the directory, or a request to delete data from the directory. 

3. The method for processing calls recited in claim 2, wherein 

if the call does not include a request to add data to the directory, a request to modify 
data in the directory, or a request to delete data from the directory, then the processing step 
includes forwarding the call to the directory. 

4. The method for processing calls recited in claim 2, wherein the call is forwarded to 
the directory through a directory access server controlling access to the directory. 

5. The method for processing calls recited in claim 2, wherein the evaluation step 
further includes determining if one or more attributes included in the call comply with one or 
more rules in a set of rules when the call includes a request to add data to the directory, a 
request to modify data in the directory, or a request to delete data from the directory. 

6. The method for processing calls recited in claim 5, wherein the processing step 
includes forwarding the call to the directory when the one or more attributes included in the 
call comply with each of the one or more rules in the first set of rules. 
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7. The method for processing calls recited in claim 6, wherein the call is forwarded to 
the directory through a directory access server controlling access to the directory. 



8. The method for processing calls recited in claim 6, wherein the processing step 
includes forwarding an error message to a source of the call when the one or more attributes 
included in the call do not comply with each of the one or more rules in the set of rules. 

9. The method for processing calls recited in claim 5, wherein the processing step 
includes forwarding the call to the directory when the one or more attributes included in the 
call comply with at least one of the one or more rules in the set of rules. 

10. The method for processing calls recited in claim 9, wherein the call is forwarded 
to the directory through a directory access server controlling access to the directory. 

11. The method for processing calls recited in claim 9, wherein the processing step 
includes forwarding an error message to a source of the call when the one or more attributes 
included in the call do not comply with any of the one or more rules in the set of rules. 

12. The method for processing calls recited in claim 2, wherein the evaluation step 
further includes 

determining if one or more attributes included in the call comply with one or more 
rules in a first set of rules when the call includes a request to add data to the directory, 

determining if one or more attributes included in the call comply with one or more 
rules in a second set of rules when the call includes a request to modify data in the directory, 
and 

determining if one or more attributes included in the call comply with one or more 
rules in a third set of rules when the call includes a request to delete data from the directory. 

13. The method for processing calls recited in claim 1, wherein the directory employs 
the lightweight directory access protocol. 
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14. A rule attribute enforcer, comprising: 

a rule validator for determining if attributes in a call to a directory comply with rules 
governing data that may be included in the directory; and 

a transaction monitor for intercepting calls to the directory, such that the transaction 



diverts intercepted calls to the rule validator that include a request to add data 
to the directory, a request to modify data in the directory, or a request to delete data 
from the directory; and 

forwards intercepted calls to the directory that do not include a request to add 
data to the directory, a request to modify data in the directory, or a request to delete 
data from the directory. 

1 5. The attribute rule enforcer recited in claim 14, wherein 

when the rule validator determines that one or more attributes included in a call 
comply with each of one or more rules in a set of rules, the rule validator forwards the call. 

16. The attribute rule enforcer recited in claim 15, wherein the rule validator forwards 
the call to the transaction monitor, and the transaction monitor relays the call to the directory. 

1 7. The attribute rule enforcer recited in claim 16, wherein transaction monitor relays 
the call to the directory through a directory access server that controls access to the directory. 

1 8. The attribute rule enforcer recited in claim 1 5, wherein the rule validator forwards 
the call to the directory. 

19. The attribute rule enforcer recited in claim 1 5, wherein the rule validator forwards 
the call to the directory through a directory access server that controls access to the directory. 



monitor 



20. The attribute rule enforcer recited in claim 14, wherein 
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when the rule validator determines that one or more attributes included in a call 
comply with at least one of one or more rules in a set of rules, the rule validator forwards the 



21. The attribute rule enforcer recited in claim 20, wherein the rule validator forwards 
the call to the transaction monitor, and the transaction monitor relays the call to the directory. 

22. The attribute rule enforcer recited in claim 21, wherein transaction monitor relays 
the call to the directory through a directory access server that controls access to the directory. 

23. The attribute rule enforcer recited in claim 20, wherein the rule validator forwards 
the call to the directory. 

24. The attribute rule enforcer recited in claim 23, wherein the rule validator forwards 
the call to the directory through a directory access server that controls access to the directory. 

25. A directory network, including: 
one or more client computers; 

a directory, and 

an attribute rule enforcer as recited in claim 14, the attribute rule enforcer being 
arranged in the directory network so as to intercept calls from the one or more client 
computers to the directory. 

26. The directory network recited in claim 25, further including directory access 
server that controls access to the directory interposed between the attribute rule enforcer and 
the directory. 



call. 
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